#4991: contrib.admin does not escape help_text (potential XSS)
--------------------------------+-------------------------------------------
Reporter: anonymous | Owner: adrian
Status: new | Component: Admin interface
Version: SVN | Resolution:
Keywords: help_text escape | Stage: Ready for checkin
Has_patch: 1 | Needs_docs: 0
Needs_tests: 0 | Needs_better_patch: 0
--------------------------------+-------------------------------------------
Changes (by Simon G. <[EMAIL PROTECTED]>):
* needs_better_patch: => 0
* needs_tests: => 0
* summary: help_text not escaped in admin => contrib.admin does not
escape help_text (potential XSS)
* needs_docs: => 0
* has_patch: 0 => 1
* stage: Unreviewed => Ready for checkin
Comment:
--
Ticket URL: <http://code.djangoproject.com/ticket/4991#comment:1>
Django Code <http://code.djangoproject.com/>
The web framework for perfectionists with deadlines
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
